37 #include "utils/fmgroids.h" 53 Oid grantorId,
bool admin_opt);
76 Datum new_record[Natts_pg_authid];
77 bool new_record_nulls[Natts_pg_authid];
84 bool createrole =
false;
86 bool canlogin =
false;
87 bool isreplication =
false;
88 bool bypassrls =
false;
93 char *validUntil = NULL;
94 Datum validUntil_datum;
102 DefElem *disreplication = NULL;
128 if (strcmp(defel->
defname,
"password") == 0)
132 (
errcode(ERRCODE_SYNTAX_ERROR),
133 errmsg(
"conflicting or redundant options"),
137 else if (strcmp(defel->
defname,
"sysid") == 0)
140 (
errmsg(
"SYSID can no longer be specified")));
142 else if (strcmp(defel->
defname,
"superuser") == 0)
146 (
errcode(ERRCODE_SYNTAX_ERROR),
147 errmsg(
"conflicting or redundant options"),
151 else if (strcmp(defel->
defname,
"inherit") == 0)
155 (
errcode(ERRCODE_SYNTAX_ERROR),
156 errmsg(
"conflicting or redundant options"),
160 else if (strcmp(defel->
defname,
"createrole") == 0)
164 (
errcode(ERRCODE_SYNTAX_ERROR),
165 errmsg(
"conflicting or redundant options"),
169 else if (strcmp(defel->
defname,
"createdb") == 0)
173 (
errcode(ERRCODE_SYNTAX_ERROR),
174 errmsg(
"conflicting or redundant options"),
178 else if (strcmp(defel->
defname,
"canlogin") == 0)
182 (
errcode(ERRCODE_SYNTAX_ERROR),
183 errmsg(
"conflicting or redundant options"),
187 else if (strcmp(defel->
defname,
"isreplication") == 0)
191 (
errcode(ERRCODE_SYNTAX_ERROR),
192 errmsg(
"conflicting or redundant options"),
194 disreplication = defel;
196 else if (strcmp(defel->
defname,
"connectionlimit") == 0)
200 (
errcode(ERRCODE_SYNTAX_ERROR),
201 errmsg(
"conflicting or redundant options"),
205 else if (strcmp(defel->
defname,
"addroleto") == 0)
209 (
errcode(ERRCODE_SYNTAX_ERROR),
210 errmsg(
"conflicting or redundant options"),
214 else if (strcmp(defel->
defname,
"rolemembers") == 0)
218 (
errcode(ERRCODE_SYNTAX_ERROR),
219 errmsg(
"conflicting or redundant options"),
221 drolemembers = defel;
223 else if (strcmp(defel->
defname,
"adminmembers") == 0)
227 (
errcode(ERRCODE_SYNTAX_ERROR),
228 errmsg(
"conflicting or redundant options"),
230 dadminmembers = defel;
232 else if (strcmp(defel->
defname,
"validUntil") == 0)
236 (
errcode(ERRCODE_SYNTAX_ERROR),
237 errmsg(
"conflicting or redundant options"),
241 else if (strcmp(defel->
defname,
"bypassrls") == 0)
245 (
errcode(ERRCODE_SYNTAX_ERROR),
246 errmsg(
"conflicting or redundant options"),
251 elog(
ERROR,
"option \"%s\" not recognized",
255 if (dpassword && dpassword->
arg)
262 createrole =
intVal(dcreaterole->
arg) != 0;
268 isreplication =
intVal(disreplication->
arg) != 0;
274 (
errcode(ERRCODE_INVALID_PARAMETER_VALUE),
275 errmsg(
"invalid connection limit: %d", connlimit)));
278 addroleto = (
List *) daddroleto->
arg;
280 rolemembers = (
List *) drolemembers->
arg;
282 adminmembers = (
List *) dadminmembers->
arg;
286 bypassrls =
intVal(dbypassRLS->
arg) != 0;
293 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
294 errmsg(
"must be superuser to create superusers")));
296 else if (isreplication)
300 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
301 errmsg(
"must be superuser to create replication users")));
307 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
308 errmsg(
"must be superuser to change bypassrls attribute")));
314 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
315 errmsg(
"permission denied to create role")));
324 (
errcode(ERRCODE_RESERVED_NAME),
325 errmsg(
"role name \"%s\" is reserved",
327 errdetail(
"Role names starting with \"pg_\" are reserved.")));
333 #ifdef ENFORCE_REGRESSION_TEST_NAME_RESTRICTIONS 334 if (strncmp(stmt->
role,
"regress_", 8) != 0)
335 elog(
WARNING,
"roles created by regression test cases should have names starting with \"regress_\"");
348 errmsg(
"role \"%s\" already exists",
358 validUntil_null =
false;
362 validUntil_datum = (
Datum) 0;
363 validUntil_null =
true;
370 (*check_password_hook) (stmt->
role,
379 MemSet(new_record, 0,
sizeof(new_record));
380 MemSet(new_record_nulls,
false,
sizeof(new_record_nulls));
382 new_record[Anum_pg_authid_rolname - 1] =
385 new_record[Anum_pg_authid_rolsuper - 1] =
BoolGetDatum(issuper);
386 new_record[Anum_pg_authid_rolinherit - 1] =
BoolGetDatum(inherit);
387 new_record[Anum_pg_authid_rolcreaterole - 1] =
BoolGetDatum(createrole);
388 new_record[Anum_pg_authid_rolcreatedb - 1] =
BoolGetDatum(createdb);
389 new_record[Anum_pg_authid_rolcanlogin - 1] =
BoolGetDatum(canlogin);
390 new_record[Anum_pg_authid_rolreplication - 1] =
BoolGetDatum(isreplication);
391 new_record[Anum_pg_authid_rolconnlimit - 1] =
Int32GetDatum(connlimit);
410 if (password[0] ==
'\0' ||
414 (
errmsg(
"empty string is not a valid password, clearing password")));
415 new_record_nulls[Anum_pg_authid_rolpassword - 1] =
true;
422 new_record[Anum_pg_authid_rolpassword - 1] =
427 new_record_nulls[Anum_pg_authid_rolpassword - 1] =
true;
429 new_record[Anum_pg_authid_rolvaliduntil - 1] = validUntil_datum;
430 new_record_nulls[Anum_pg_authid_rolvaliduntil - 1] = validUntil_null;
432 new_record[Anum_pg_authid_rolbypassrls - 1] =
BoolGetDatum(bypassrls);
442 (
errcode(ERRCODE_INVALID_PARAMETER_VALUE),
443 errmsg(
"pg_authid OID value not set when in binary upgrade mode")));
467 if (addroleto || adminmembers || rolemembers)
473 foreach(item, addroleto)
478 Oid oldroleid = oldroleform->oid;
479 char *oldrolename =
NameStr(oldroleform->rolname);
522 Datum new_record[Natts_pg_authid];
523 bool new_record_nulls[Natts_pg_authid];
524 bool new_record_repl[Natts_pg_authid];
531 char *rolename = NULL;
538 int isreplication = -1;
541 char *validUntil = NULL;
542 Datum validUntil_datum;
543 bool validUntil_null;
551 DefElem *disreplication = NULL;
559 "Cannot alter reserved roles.");
566 if (strcmp(defel->
defname,
"password") == 0)
570 (
errcode(ERRCODE_SYNTAX_ERROR),
571 errmsg(
"conflicting or redundant options")));
574 else if (strcmp(defel->
defname,
"superuser") == 0)
578 (
errcode(ERRCODE_SYNTAX_ERROR),
579 errmsg(
"conflicting or redundant options")));
582 else if (strcmp(defel->
defname,
"inherit") == 0)
586 (
errcode(ERRCODE_SYNTAX_ERROR),
587 errmsg(
"conflicting or redundant options")));
590 else if (strcmp(defel->
defname,
"createrole") == 0)
594 (
errcode(ERRCODE_SYNTAX_ERROR),
595 errmsg(
"conflicting or redundant options")));
598 else if (strcmp(defel->
defname,
"createdb") == 0)
602 (
errcode(ERRCODE_SYNTAX_ERROR),
603 errmsg(
"conflicting or redundant options")));
606 else if (strcmp(defel->
defname,
"canlogin") == 0)
610 (
errcode(ERRCODE_SYNTAX_ERROR),
611 errmsg(
"conflicting or redundant options")));
614 else if (strcmp(defel->
defname,
"isreplication") == 0)
618 (
errcode(ERRCODE_SYNTAX_ERROR),
619 errmsg(
"conflicting or redundant options")));
620 disreplication = defel;
622 else if (strcmp(defel->
defname,
"connectionlimit") == 0)
626 (
errcode(ERRCODE_SYNTAX_ERROR),
627 errmsg(
"conflicting or redundant options")));
630 else if (strcmp(defel->
defname,
"rolemembers") == 0 &&
635 (
errcode(ERRCODE_SYNTAX_ERROR),
636 errmsg(
"conflicting or redundant options")));
637 drolemembers = defel;
639 else if (strcmp(defel->
defname,
"validUntil") == 0)
643 (
errcode(ERRCODE_SYNTAX_ERROR),
644 errmsg(
"conflicting or redundant options")));
647 else if (strcmp(defel->
defname,
"bypassrls") == 0)
651 (
errcode(ERRCODE_SYNTAX_ERROR),
652 errmsg(
"conflicting or redundant options")));
656 elog(
ERROR,
"option \"%s\" not recognized",
660 if (dpassword && dpassword->
arg)
673 isreplication =
intVal(disreplication->
arg);
679 (
errcode(ERRCODE_INVALID_PARAMETER_VALUE),
680 errmsg(
"invalid connection limit: %d", connlimit)));
683 rolemembers = (
List *) drolemembers->
arg;
698 roleid = authform->oid;
704 if (authform->rolsuper || issuper >= 0)
708 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
709 errmsg(
"must be superuser to alter superusers")));
711 else if (authform->rolreplication || isreplication >= 0)
715 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
716 errmsg(
"must be superuser to alter replication users")));
718 else if (authform->rolbypassrls || bypassrls >= 0)
722 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
723 errmsg(
"must be superuser to change bypassrls attribute")));
738 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
739 errmsg(
"permission denied")));
749 validUntil_null =
false;
755 Anum_pg_authid_rolvaliduntil,
763 (*check_password_hook) (rolename,
772 MemSet(new_record, 0,
sizeof(new_record));
773 MemSet(new_record_nulls,
false,
sizeof(new_record_nulls));
774 MemSet(new_record_repl,
false,
sizeof(new_record_repl));
781 new_record[Anum_pg_authid_rolsuper - 1] =
BoolGetDatum(issuper > 0);
782 new_record_repl[Anum_pg_authid_rolsuper - 1] =
true;
787 new_record[Anum_pg_authid_rolinherit - 1] =
BoolGetDatum(inherit > 0);
788 new_record_repl[Anum_pg_authid_rolinherit - 1] =
true;
793 new_record[Anum_pg_authid_rolcreaterole - 1] =
BoolGetDatum(createrole > 0);
794 new_record_repl[Anum_pg_authid_rolcreaterole - 1] =
true;
799 new_record[Anum_pg_authid_rolcreatedb - 1] =
BoolGetDatum(createdb > 0);
800 new_record_repl[Anum_pg_authid_rolcreatedb - 1] =
true;
805 new_record[Anum_pg_authid_rolcanlogin - 1] =
BoolGetDatum(canlogin > 0);
806 new_record_repl[Anum_pg_authid_rolcanlogin - 1] =
true;
809 if (isreplication >= 0)
811 new_record[Anum_pg_authid_rolreplication - 1] =
BoolGetDatum(isreplication > 0);
812 new_record_repl[Anum_pg_authid_rolreplication - 1] =
true;
817 new_record[Anum_pg_authid_rolconnlimit - 1] =
Int32GetDatum(connlimit);
818 new_record_repl[Anum_pg_authid_rolconnlimit - 1] =
true;
828 if (password[0] ==
'\0' ||
832 (
errmsg(
"empty string is not a valid password, clearing password")));
833 new_record_nulls[Anum_pg_authid_rolpassword - 1] =
true;
840 new_record[Anum_pg_authid_rolpassword - 1] =
843 new_record_repl[Anum_pg_authid_rolpassword - 1] =
true;
847 if (dpassword && dpassword->
arg == NULL)
849 new_record_repl[Anum_pg_authid_rolpassword - 1] =
true;
850 new_record_nulls[Anum_pg_authid_rolpassword - 1] =
true;
854 new_record[Anum_pg_authid_rolvaliduntil - 1] = validUntil_datum;
855 new_record_nulls[Anum_pg_authid_rolvaliduntil - 1] = validUntil_null;
856 new_record_repl[Anum_pg_authid_rolvaliduntil - 1] =
true;
860 new_record[Anum_pg_authid_rolbypassrls - 1] =
BoolGetDatum(bypassrls > 0);
861 new_record_repl[Anum_pg_authid_rolbypassrls - 1] =
true;
865 new_record_nulls, new_record_repl);
884 else if (stmt->
action == -1)
912 "Cannot alter reserved roles.");
916 roleid = roleform->oid;
928 if (roleform->rolsuper)
932 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
933 errmsg(
"must be superuser to alter superusers")));
939 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
940 errmsg(
"permission denied")));
969 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
970 errmsg(
"must be superuser to alter settings globally")));
991 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
992 errmsg(
"permission denied to drop role")));
1001 foreach(item, stmt->
roles)
1016 (
errcode(ERRCODE_INVALID_PARAMETER_VALUE),
1017 errmsg(
"cannot use special role specifier in DROP ROLE")));
1026 (
errcode(ERRCODE_UNDEFINED_OBJECT),
1027 errmsg(
"role \"%s\" does not exist", role)));
1032 (
errmsg(
"role \"%s\" does not exist, skipping",
1040 roleid = roleform->oid;
1044 (
errcode(ERRCODE_OBJECT_IN_USE),
1045 errmsg(
"current user cannot be dropped")));
1048 (
errcode(ERRCODE_OBJECT_IN_USE),
1049 errmsg(
"current user cannot be dropped")));
1052 (
errcode(ERRCODE_OBJECT_IN_USE),
1053 errmsg(
"session user cannot be dropped")));
1062 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
1063 errmsg(
"must be superuser to drop superusers")));
1076 &detail, &detail_log))
1078 (
errcode(ERRCODE_DEPENDENT_OBJECTS_STILL_EXIST),
1079 errmsg(
"role \"%s\" cannot be dropped because some objects depend on it",
1098 Anum_pg_auth_members_roleid,
1103 true, NULL, 1, &scankey);
1113 Anum_pg_auth_members_member,
1118 true, NULL, 1, &scankey);
1169 Datum repl_val[Natts_pg_authid];
1170 bool repl_null[Natts_pg_authid];
1171 bool repl_repl[Natts_pg_authid];
1183 (
errcode(ERRCODE_UNDEFINED_OBJECT),
1184 errmsg(
"role \"%s\" does not exist", oldname)));
1195 roleid = authform->oid;
1199 (
errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1200 errmsg(
"session user cannot be renamed")));
1203 (
errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1204 errmsg(
"current user cannot be renamed")));
1212 (
errcode(ERRCODE_RESERVED_NAME),
1213 errmsg(
"role name \"%s\" is reserved",
1215 errdetail(
"Role names starting with \"pg_\" are reserved.")));
1219 (
errcode(ERRCODE_RESERVED_NAME),
1220 errmsg(
"role name \"%s\" is reserved",
1222 errdetail(
"Role names starting with \"pg_\" are reserved.")));
1228 #ifdef ENFORCE_REGRESSION_TEST_NAME_RESTRICTIONS 1229 if (strncmp(newname,
"regress_", 8) != 0)
1230 elog(
WARNING,
"roles created by regression test cases should have names starting with \"regress_\"");
1237 errmsg(
"role \"%s\" already exists", newname)));
1246 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
1247 errmsg(
"must be superuser to rename superusers")));
1253 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
1254 errmsg(
"permission denied to rename role")));
1258 for (i = 0; i < Natts_pg_authid; i++)
1259 repl_repl[i] =
false;
1261 repl_repl[Anum_pg_authid_rolname - 1] =
true;
1264 repl_null[Anum_pg_authid_rolname - 1] =
false;
1266 datum =
heap_getattr(oldtuple, Anum_pg_authid_rolpassword, dsc, &isnull);
1271 repl_repl[Anum_pg_authid_rolpassword - 1] =
true;
1272 repl_null[Anum_pg_authid_rolpassword - 1] =
true;
1275 (
errmsg(
"MD5 password cleared because of role rename")));
1332 if (rolename == NULL || priv->
cols !=
NIL)
1334 (
errcode(ERRCODE_INVALID_GRANT_OPERATION),
1335 errmsg(
"column names cannot be included in GRANT/REVOKE ROLE")));
1366 foreach(cell, role_ids)
1372 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
1373 errmsg(
"permission denied to drop objects")));
1393 foreach(cell, role_ids)
1399 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
1400 errmsg(
"permission denied to reassign objects")));
1408 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
1409 errmsg(
"permission denied to reassign objects")));
1428 foreach(l, memberNames)
1453 List *memberSpecs,
List *memberIds,
1454 Oid grantorId,
bool admin_opt)
1475 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
1476 errmsg(
"must be superuser to alter superusers")));
1483 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
1484 errmsg(
"must have admin option on role \"%s\"",
1500 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
1501 errmsg(
"must be superuser to set grantor")));
1506 forboth(specitem, memberSpecs, iditem, memberIds)
1512 Datum new_record[Natts_pg_auth_members];
1513 bool new_record_nulls[Natts_pg_auth_members];
1514 bool new_record_repl[Natts_pg_auth_members];
1525 (
errcode(ERRCODE_INVALID_GRANT_OPERATION),
1526 (
errmsg(
"role \"%s\" is a member of role \"%s\"",
1541 (
errmsg(
"role \"%s\" is already a member of role \"%s\"",
1548 MemSet(new_record, 0,
sizeof(new_record));
1549 MemSet(new_record_nulls,
false,
sizeof(new_record_nulls));
1550 MemSet(new_record_repl,
false,
sizeof(new_record_repl));
1554 new_record[Anum_pg_auth_members_grantor - 1] =
ObjectIdGetDatum(grantorId);
1555 new_record[Anum_pg_auth_members_admin_option - 1] =
BoolGetDatum(admin_opt);
1559 new_record_repl[Anum_pg_auth_members_grantor - 1] =
true;
1560 new_record_repl[Anum_pg_auth_members_admin_option - 1] =
true;
1563 new_record_nulls, new_record_repl);
1570 new_record, new_record_nulls);
1597 List *memberSpecs,
List *memberIds,
1619 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
1620 errmsg(
"must be superuser to alter superusers")));
1627 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
1628 errmsg(
"must have admin option on role \"%s\"",
1635 forboth(specitem, memberSpecs, iditem, memberIds)
1650 (
errmsg(
"role \"%s\" is not a member of role \"%s\"",
1664 Datum new_record[Natts_pg_auth_members];
1665 bool new_record_nulls[Natts_pg_auth_members];
1666 bool new_record_repl[Natts_pg_auth_members];
1669 MemSet(new_record, 0,
sizeof(new_record));
1670 MemSet(new_record_nulls,
false,
sizeof(new_record_nulls));
1671 MemSet(new_record_repl,
false,
sizeof(new_record_repl));
1673 new_record[Anum_pg_auth_members_admin_option - 1] =
BoolGetDatum(
false);
1674 new_record_repl[Anum_pg_auth_members_admin_option - 1] =
true;
1678 new_record_nulls, new_record_repl);
bool has_createrole_privilege(Oid roleid)
Value * makeString(char *str)
static char password[100]
Oid GetNewOidWithIndex(Relation relation, Oid indexId, AttrNumber oidcolumn)
void shdepDropOwned(List *roleids, DropBehavior behavior)
Datum namein(PG_FUNCTION_ARGS)
void table_close(Relation relation, LOCKMODE lockmode)
#define forboth(cell1, list1, cell2, list2)
void systable_endscan(SysScanDesc sysscan)
Oid binary_upgrade_next_pg_authid_oid
#define InvokeObjectPostCreateHook(classId, objectId, subId)
#define RelationGetDescr(relation)
#define PointerGetDatum(X)
char * pstrdup(const char *in)
void DropOwnedObjects(DropOwnedStmt *stmt)
bool has_privs_of_role(Oid member, Oid role)
void AlterSetting(Oid databaseid, Oid roleid, VariableSetStmt *setstmt)
#define InvokeObjectDropHook(classId, objectId, subId)
char * encrypt_password(PasswordType target_type, const char *role, const char *password)
bool is_admin_of_role(Oid member, Oid role)
int plain_crypt_verify(const char *role, const char *shadow_pass, const char *client_pass, char **logdetail)
int errcode(int sqlerrcode)
#define MemSet(start, val, len)
void CatalogTupleDelete(Relation heapRel, ItemPointer tid)
HeapTuple heap_form_tuple(TupleDesc tupleDescriptor, Datum *values, bool *isnull)
#define DirectFunctionCall1(func, arg1)
void heap_freetuple(HeapTuple htup)
bool IsReservedName(const char *name)
List * lappend_oid(List *list, Oid datum)
#define OidIsValid(objectId)
void(* check_password_hook_type)(const char *username, const char *shadow_pass, PasswordType password_type, Datum validuntil_time, bool validuntil_null)
Oid GetSessionUserId(void)
SysScanDesc systable_beginscan(Relation heapRelation, Oid indexId, bool indexOK, Snapshot snapshot, int nkeys, ScanKey key)
Oid CreateRole(ParseState *pstate, CreateRoleStmt *stmt)
int errdetail_internal(const char *fmt,...)
Oid get_role_oid(const char *rolname, bool missing_ok)
FormData_pg_authid * Form_pg_authid
void aclcheck_error(AclResult aclerr, ObjectType objtype, const char *objectname)
HeapTuple systable_getnext(SysScanDesc sysscan)
#define SearchSysCacheExists1(cacheId, key1)
#define ObjectIdGetDatum(X)
void GrantRole(GrantRoleStmt *stmt)
static void AddRoleMems(const char *rolename, Oid roleid, List *memberSpecs, List *memberIds, Oid grantorId, bool admin_opt)
void shdepLockAndCheckObject(Oid classId, Oid objectId)
#define lfirst_node(type, lc)
void shdepReassignOwned(List *roleids, Oid newrole)
int errdetail(const char *fmt,...)
#define CStringGetDatum(X)
int errdetail_log(const char *fmt,...)
#define ereport(elevel, rest)
#define InvokeObjectPostAlterHook(classId, objectId, subId)
bool pg_database_ownercheck(Oid db_oid, Oid roleid)
bool superuser_arg(Oid roleid)
#define DirectFunctionCall3(func, arg1, arg2, arg3)
char * get_rolespec_name(const RoleSpec *role)
#define AuthMemRoleMemIndexId
Oid AlterRole(AlterRoleStmt *stmt)
#define heap_getattr(tup, attnum, tupleDesc, isnull)
HeapTuple SearchSysCache1(int cacheId, Datum key1)
#define TextDatumGetCString(d)
void CommandCounterIncrement(void)
void check_rolespec_name(const RoleSpec *role, const char *detail_msg)
void ReleaseSysCache(HeapTuple tuple)
Oid AlterRoleSet(AlterRoleSetStmt *stmt)
Datum SysCacheGetAttr(int cacheId, HeapTuple tup, AttrNumber attributeNumber, bool *isNull)
#define list_make1_oid(x1)
Oid get_rolespec_oid(const RoleSpec *role, bool missing_ok)
FormData_pg_auth_members * Form_pg_auth_members
void LockSharedObject(Oid classid, Oid objid, uint16 objsubid, LOCKMODE lockmode)
VariableSetStmt * setstmt
Oid get_database_oid(const char *dbname, bool missing_ok)
ObjectAddress RenameRole(const char *oldname, const char *newname)
List * roleSpecsToIds(List *memberNames)
#define HeapTupleIsValid(tuple)
#define Assert(condition)
#define AuthMemMemRoleIndexId
HeapTuple get_rolespec_tuple(const RoleSpec *role)
void CatalogTupleUpdate(Relation heapRel, ItemPointer otid, HeapTuple tup)
static int list_length(const List *l)
int parser_errposition(ParseState *pstate, int location)
HeapTuple SearchSysCache2(int cacheId, Datum key1, Datum key2)
#define ObjectAddressSet(addr, class_id, object_id)
void DeleteSharedSecurityLabel(Oid objectId, Oid classId)
#define AccessExclusiveLock
bool is_member_of_role_nosuper(Oid member, Oid role)
Datum timestamptz_in(PG_FUNCTION_ARGS)
Oid createdb(ParseState *pstate, const CreatedbStmt *stmt)
int errmsg(const char *fmt,...)
PasswordType get_password_type(const char *shadow_pass)
void ReassignOwnedObjects(ReassignOwnedStmt *stmt)
static bool have_createrole_privilege(void)
void ScanKeyInit(ScanKey entry, AttrNumber attributeNumber, StrategyNumber strategy, RegProcedure procedure, Datum argument)
#define CStringGetTextDatum(s)
void DropRole(DropRoleStmt *stmt)
bool checkSharedDependencies(Oid classId, Oid objectId, char **detail_msg, char **detail_log_msg)
Relation table_open(Oid relationId, LOCKMODE lockmode)
HeapTuple heap_modify_tuple(HeapTuple tuple, TupleDesc tupleDesc, Datum *replValues, bool *replIsnull, bool *doReplace)
check_password_hook_type check_password_hook
void DropSetting(Oid databaseid, Oid roleid)
#define ERRCODE_DUPLICATE_OBJECT
void CatalogTupleInsert(Relation heapRel, HeapTuple tup)
#define BTEqualStrategyNumber
static void DelRoleMems(const char *rolename, Oid roleid, List *memberSpecs, List *memberIds, bool admin_opt)